[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Some details on RSA Secure



Here are my biased comments on RSA Secure.  They are biased by
the fact that I an a techie who works for RSA Data Security.

Neatest Features:
- It is integrated with the File Manager on Windows and the
  Finder on Mac System 7.
    For example, from the file manager you can double click on
  an encrypted Excel spread sheet and the file will automatically
  decrypt and launch Excel.  The decryption can be automatic
  because the file manager hangs on to your password for a settable
  number of minutes.

- A settable list of files can be automatically decrypted (or
  encrypted) on system startup (or shutdown).

Technical Features:
- The random number generator for file encryption keys and public
  keys is seeded by user keystrokes or wiggling the mouse.  The
  GUI for this is really fun to play with, but it only comes up
  when you first install the software.

- The user's passphrase unlocks a master key that is used to unlock
  the file encryption key for each file.

- Tamper detection for encrypted files using an MD5 hash.

- If emergency key access is turned on then the file encrypting
  key is also encrypted with the public key for emergency key
  access.  That public key is usually split into 5 or more pieces
  and two or three of the pieces are required to perform the
  emergency access functions.  A quick look at the file header
  reveals whether the escrow feature is in use.

- Files encrypted with the 40 bit demo version can be read by
  the 80 bit commercial version, and will be automatically
  upgraded to 80 bit security when they are reencrypted.

- Runs on DOS, Windows, Mac, and SunOS.  Other ports coming soon.


Coming Soon:
- Password based file sharing.  A simple way to protect files
  in transit using a secret passphrase known only to the sender
  and receiver.  Currently, only the person who encrypted the
  file can decrypt it.

- Self decrypting binaries.  This allows you to send an encrypted
  file to someone who does not have RSA Secure.  They execute
  the file, which then asks for the password and extracts the
  contents if the password is correct.  The sender can choose
  to use 40 or 80 bit encryption keys in order to comply with
  export regulations.

Request for Improvements:

        What else should be in a product that is aimed at
the commercial laptop market?

                --Bob Baldwin